TPG Community

Get online support

Multi-Factor Authentication options

rygle
Level 3
Thank you for putting in place Multi-Factor Authentication (2FA) in the near future, which is a step forward in security.

I am concerned, however, that the only option given for 2FA codes is via SMS message, which is not really very secure as phone networks are not as secure as we might like them to be (evidenced in part by the amount of SMS spam we get from random numbers). I would like to request that users have the choice of other options, such as the terrific Authy app, or Google Authenticator app. These are much more secure, are not really that hard to explain to end users (my wife uses the very similar Microsoft app for her work logins, which is saying something regarding ease of use), and even if it is just an option as well as SMS, then it will make things more secure for those who are able to follow the instructions. I don't believe implementing this would be much harder to code, since it is quite ubiquitous these days and I am sure that 2FA app providers would have relevant code snippets available.

Could you please make the apps an option?

Thanks, Rygle
15 REPLIES 15
Aubrey
Moderator

Welcome to TPG Community @rgyle!

 

Our customers' security and privacy is something that is very important to us. We are continuously working on our security processes to protect our customers.

 

At this point, MFA via SMS is the only option available. However, we appreciate your feedback and we'll definitely take this on board.

 

Cheers! 

amortensen24
Level 2

I really wish you would do better than "take it onboard".
In addition to the above limiting the MFA to only sms poses a problem for people who travel often. Given the high roaming charges of Australian telcos you are forcing your customers to absorb a potential expense due to your choice of technology by not providing a solution which caters for WIFI or sim cards from other providers.

BasilDV
Moderator

Hi @amortensen24

 

If you are planning to go overseas, then we can look at helping with anything you need before leaving.

 

Also, you may contact our Social Media or Chat team if you need any assistance for any low risk transactions, when you are away.

Low risk transactions such as:

  • Processing Payment(s)
  • Lodging a Fault
  • Discussion of owing amount on an invoice
  • Invoice charges breakdown, etc.
     

For any high risk transactions, the current MFA will be applied for the security of our customers.

 

Have a good day.

BasilDV

MarRover2
Level 3

Hi all,

Yes, I support the request to use authenticator as mentioned by several forum user.

Given the various authenticators have been around for a while, I am annoyed that logging in from overseas still requiring expensive roaming charges when there are more customer-pleasing solution is around.

The most common "high risk" operation, according to TPG, is to access e-mail (thankfully I don't route my e-mail to TPG) and it is the "high cost" operation.

Please support Google, MS, Authy aunthicators.

Rover

Derekathome
Level 2

If you lose your phone how do you authenticate to block the SIM?

If you need to do a SIM swap due to a damaged or faulty SIM, how do you authenticate?

 

The Government regulation allows other methods.

Other companies are allowing other methods.

 

Will TPG be providing a workable solution or do we need to part ways?

Angeli
Moderator

Hi @Derekathome

 

If the mobile number on your TPG account has an issue, you can reach out to our privacy team via email at privacy@tpgtelecom.com.au for account verification. For now, multi factor authentication app is not yet available aside from receiving a one time passcode via SMS. We continue to work on this and we'll definitely let our customers know should there be any updates. We appreciate your understanding.

 

Regards, 
Angeli

lazare82
Level 2

Hello,

Could you please remind me the reasons TPG wishes to implement MFA using a mobile phone?

I work in the Aged Care and Disability sector.
A large amount of them DO NOT own a mobile and only use a landline phone!

What option will you provide them to contact you and solve their issues?

Looking forward to hear from you.

Advocating for the Elderly and People with Limited Abilities

steve3140
Level 3

@rygle wrote:
Could you please make the apps an option?

I'll add my "vote" to this proposal.  Using authenticator apps such as those from Microsoft or Google is definitely the best technical solution.  With SMS and email as last resort.

Acbhol
Level 2

I too support the need for alternate methods of 2FA.

On my recent trip overseas (October 2022), before going, I switched to interantional roaming on the TPG settings website. Wnen I got overseas my phone was not roaming and I could not open my tpg account page to take steps to rectify the situation.  Because of course I can't receive the code on my phone.

When I arrived home I find It was switched - without any record (*usually an email is sent verifying if roaming is "on" or "off"). So obviously I was locked out - whole trip. Whe I arrived home to Australia I phoned TPG techs.... they checked, agreed, had no answer, and said "we'll get back to you".....They never did.